Re: [TLS] TLS Impact on Network Security draft updated
Dennis Jackson <dennis.jackson@cs.ox.ac.uk> Tue, 23 July 2019 23:44 UTC
Return-Path: <dennis.jackson@cs.ox.ac.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42458120996 for <tls@ietfa.amsl.com>; Tue, 23 Jul 2019 16:44:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.999
X-Spam-Level:
X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FAKE_REPLY_A1=3.199, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zSgCeh8so_lf for <tls@ietfa.amsl.com>; Tue, 23 Jul 2019 16:44:27 -0700 (PDT)
Received: from relay12.mail.ox.ac.uk (relay12.mail.ox.ac.uk [129.67.1.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3EE5A120995 for <tls@ietf.org>; Tue, 23 Jul 2019 16:44:27 -0700 (PDT)
Received: from smtp4.mail.ox.ac.uk ([129.67.1.207]) by relay12.mail.ox.ac.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <dennis.jackson@cs.ox.ac.uk>) id 1hq4SH-0009AR-et; Wed, 24 Jul 2019 00:44:25 +0100
Received: from 61.ip-51-38-113.eu ([51.38.113.61] helo=[192.168.2.2]) by smtp4.mail.ox.ac.uk with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89) (envelope-from <dennis.jackson@cs.ox.ac.uk>) id 1hq4SH-0003B7-Cv; Wed, 24 Jul 2019 00:44:25 +0100
To: watsonbladd@gmail.com
Cc: tls@ietf.org
From: Dennis Jackson <dennis.jackson@cs.ox.ac.uk>
Openpgp: preference=signencrypt
Autocrypt: addr=dennis.jackson@cs.ox.ac.uk; prefer-encrypt=mutual; keydata= mQINBFbAmb8BEADCLixsrAJyvknI95ZIZNVeDJbYvldeXpw7iyhrdUdRK69USU5S9EESulYh k1KlxDB5VfG8CCA/WzG1IonONdXmgLFa1NcmdVvkFjbXf5mbGYG+9pTkieM+UHikniAizIOi ibdTWEEc2opOAvpVypek4SSsfCoXfXqj0j5AXSapHiVzhhWuaXhKVuFdLtYwJDU/x0FXgStm erFMIOeZ5FLFnjkkNyEa1t3XCcf7bfgw8J86UmWzgkVLmtBYbDK0ZAFjtFep5Kps11iTDIa3 xYXzuqgkWwkg7b1mhn5gQUl/kKZqQbuG+Sk+BydjH8e1PJkO6p2eAprO0AoucRuuBl1pmg/F bf/WJC6/XD3AV87ERAdXbb9cH+vrRT8GpiNX5r+7OuXavc3/LNU9stqsdshXwdZlDyPyDIG2 Llj6hB4eS0tEpat3otcPDkXUjXjyOUQ6jKTNSZ+xTBtVTXznflDCGdn9GV0q+4ZbdRZ5tfXM DXM+uMqVxjvh2IjCrka7zf1rRWg1WZu+NrzAUrvPMPddDJfd8JNrIcvV+DIBxPVsUTJLEGt9 PW8LkQb5FrG7T6a813JYNoAtL4w7296UYmUpV1Kvv8otO+uH860x5Ci83ZCXb7gKr9Rankn5 Jcg+shWnDFgSq6uM/u3MmyRV2iw7aCSgcgfy4EPTojJdy3KjzQARAQABtCtEZW5uaXMgSmFj a3NvbiA8ZGVubmlzLmphY2tzb25AY3Mub3guYWMudWs+iQIwBBMBCgAaBAsJCAcCFQoCFgEC GQAFglsIFtUCngECmwMACgkQYQWndYzSRqzvkA//djyyIydK5jhxNFqmMvJTkTZwawKWV7Tc cEntsIwYsHw8ec9Edo/M6fwp8aFmddPnzRo0EBmh6KNm887VxgH0FXmcR7k8bD3qUzIhfq11 4ezWtTk0nWjpieEsFb20lCMZjK9dsfXVRgFrfe00x2lhjPWQ5G5mTkfX8KYcDs5nmc+13qHK Ux6e6aSdEa4mnxrT0NsEg2H2xKgwrGkNIxJO6snrh3A3mT6+2F8ZCiRWwmOhcHBzNCFp1enR bMJpNRhcmGBDNJ9TpnQHDRVE67ds3PC/vKDkYQ3tEIkdgc/KVGOo7+kZxSU/n1gARDZ4PYUw IGOM81aEhmrbXoF33Jbic2jnuLfqsC8uXeP6wGgGpEdGThQ+7zslOPDradgDZBlUmYenuwOb JwJEj+JbbZPcND17VrgVDzcM1rh1w9wcKrRDMIw/zLCpEDOfLRe2ad/V380q/Eh3qa4QrZE7 tnXcOTIZfxd1zZ6TcpOvMVYQPN5Zfrlazmw9bTsdkm3WVrzvxc9DJ/D5Ws+aMu+JfSD+C5Nd n5w2fW7OOiDudeFXj88CL7oBehPJ2ajCDmHd/vc1W7CSoPte6aHBgSGER9cWm5hpEOXacQt+ pEz/uMvq+zkDIydy9YL/8hDo5TsVA4Yo8wNdKOuyaStk/oh3WNda05N0jr8VhRMdxnLN/hWY Ely5Ag0EVsCZvwEQAOBD1BmNy7FWbpg9Tm3OfMNC/yLs6G7rk3OFw7BhpjHXHSsEge48HbvP lfdR9abA1cmbgYR7EyaOav1s9ugU7EtDCcK8zHZcaUg3gC+FdjsnkIQCkf/3HK2sxcbBSrkX 2Uu2jjufvZu10g/aavkCuTHIUiYAHhQU5kCkRI7NYvXIKmaPY2Km3YIVJ50x+4GlE/WVZk8w HpvisxDInBioziUjAIqTt0at5tE1ObZksl2eNHNCwlo15WE2hKIYCuJKb57wCBKaOKo/gSw/ yN2DX3HaU/PF+8rCikkKDhHDrefFwGkqBf3zHlrLiHIr+ONVZ8i9dxMyg5TERxjd3vZ4ha+7 8cr8G83HC8lSBEpPYmoeU4J8vWf8kjBlai0UmzyZRF3SeZlqldxo7zJhYq3xIsDGKVuSCn68 2TcoEsR5WS/Zjc0ZoH/YIpdVy8FRu45dJ2IUzHVyszMfNWKob7ZsQ9JCXiXypmIF6ut5mwv8 ddCMdG6Jdpvg1fr0coABNbJSrUM8uFEldmRFpBdbNx5xSCJjNo+QuTHOXWuO3/GFRmux8/kW TlfF3+dvff2Pw3CKENoysgcOflYShcjOv/03sQ6AfxTm2Jnh5dqJSoVnPWpcDyPqn3k4zoZW 0ISqorI8yehJbfT3C0J5iEX75c8vJWfUUjIhyO0CpHxATNW3j3QxABEBAAGJAh8EGAEIABMF AlbAmccJEGEFp3WM0kasAhsMAAD8JhAAtkUWMLjr1RYTSMPrmTp3NGZfNSblv0GGHtL7TvT1 kFwdT/hs29Gjrj0FffZE6RKDEGls9AL6LY/g3wA5WQsXaK0wqwb8MBeIPWvFPvVQbqrifN3A bpukTl4OCBOwJbHS/GO1V3AwaLl4l3U/+kzR7UsnszWs4kizE9lBJ0AYFbxB0xbPF6iI32Cm K3nrLPfkXBXw2xX01nOLxTx9E7YdVpP3Re1c96aBTflm4CAGUfTZ5xgQMW6rgJ8FBc3oLckt 9MT0qB5XkmKGI1kkRypN7hIFRBcPxegeO8S3fpBUOop5F0el24TVx6KJTktpLmlIfUsEQ0Lx CqNtUk1v3eMCoKmeky8WbFcUArRV4DKXDAK1e3C8poMaehRgfl8sjz6SuH1VXpCMLNPpNMtZ EK4FU+C0jGgJyHS9N1UZjq8Qa8FnYKruyPgTpKEAsqlo5vB6J8phiaKXxnren8HqIfzQdrt8 3M+raXc7+Fqis4pYS49vfIpxUzcqvKUiSgDGKemqMw9w9U5dBEQeLNW08uOKSjyENU4e1Ob/ IiimIpEPA5LEIhSfOP9CN9TculGqvo0g12XnB+g5AAtm1ohMkb33T17IR3rKkhlvIITuY1qi fZz7OgGbXh4G5oUHXNBOhXHaqRIzQCCRbBUFA09OyJBLWAGH6HcM/DeM0I7Ng55uMl8=
Message-ID: <51f39225-1953-b603-bd15-bbc7d4bf2222@cs.ox.ac.uk>
Date: Wed, 24 Jul 2019 00:44:20 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.1
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="------------4614E9E8247E2E0519DBDA4B"
Content-Language: en-US
X-Oxford-Username: exet4027
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lCRQK5yAAkpNkDz4BrJkEQt471Y>
Subject: Re: [TLS] TLS Impact on Network Security draft updated
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jul 2019 23:44:29 -0000
RFC 791 is nearly 40 years old. RFC 4074 lists 5 forms of deviations from RFC 1034 and explains the correct behavior. RFC 7021 describes a series of objective tests of RFC 6333 and the results. The above RFCs describe objective test results and how they relate to earlier RFCs. In contrast, this document offers a speculative and subjective discussion of possible future impact. I do not believe there is any precedent supporting publication. Best, Dennis > On Tue, Jul 23, 2019, 3:47 PM Filippo Valsorda <filippo@ml.filippo.io> <mailto:filippo@ml.filippo.io>>; > wrote: > > > Before any technical or wording feedback, I am confused as to the nature > > of this document. It does not seem to specify any protocol change or > > mechanism, and it does not even focus on solutions to move the web further. > > > > Instead, it looks like a well edited blog post, presenting the perspective > > of one segment of the industry. (The perspective seems to also lack > > consensus, but I believe even that is secondary.) Note how as of > > draft-camwinget-tls-use-cases-05 there are no IANA considerations, no > > security considerations, and no occurrences of any of the BCP 14 key words > > (MUST, SHOULD, etc.). > > > > Is there precedent for publishing such a document as an RFC? > > > > I was going to say RFC 691 but no, it recommends changes to the protocol > (as well as being quite amusing). RFC 4074 comes close describing bad > behavior without an explicit plea to stop doing it, but has a security > considerations section. RFC 7021 describes the impact of a particular > networking technique on applications. > > So there is precedent. > > Sincerely, > Watson
- [TLS] TLS Impact on Network Security draft updated Nancy Cam-Winget (ncamwing)
- Re: [TLS] TLS Impact on Network Security draft up… Eric Rescorla
- Re: [TLS] TLS Impact on Network Security draft up… Bret Jordan
- Re: [TLS] TLS Impact on Network Security draft up… Watson Ladd
- Re: [TLS] TLS Impact on Network Security draft up… Tony Arcieri
- Re: [TLS] TLS Impact on Network Security draft up… Viktor Dukhovni
- Re: [TLS] TLS Impact on Network Security draft up… Mark O
- Re: [TLS] TLS Impact on Network Security draft up… Ackermann, Michael
- Re: [TLS] TLS Impact on Network Security draft up… Flemming Andreasen
- Re: [TLS] TLS Impact on Network Security draft up… Sean Turner
- Re: [TLS] TLS Impact on Network Security draft up… Flemming Andreasen
- Re: [TLS] TLS Impact on Network Security draft up… Flemming Andreasen
- Re: [TLS] TLS Impact on Network Security draft up… Salz, Rich
- Re: [TLS] TLS Impact on Network Security draft up… Watson Ladd
- Re: [TLS] TLS Impact on Network Security draft up… Bret Jordan
- Re: [TLS] TLS Impact on Network Security draft up… Arnaud.Taddei.IETF
- Re: [TLS] TLS Impact on Network Security draft up… Ackermann, Michael
- Re: [TLS] TLS Impact on Network Security draft up… Dennis Jackson
- Re: [TLS] TLS Impact on Network Security draft up… Eric Rescorla
- Re: [TLS] TLS Impact on Network Security draft up… Filippo Valsorda
- Re: [TLS] TLS Impact on Network Security draft up… Bret Jordan
- Re: [TLS] TLS Impact on Network Security draft up… Watson Ladd
- Re: [TLS] TLS Impact on Network Security draft up… Dennis Jackson
- Re: [TLS] TLS Impact on Network Security draft up… Bret Jordan
- Re: [TLS] TLS Impact on Network Security draft up… Salz, Rich
- Re: [TLS] TLS Impact on Network Security draft up… Benjamin Kaduk
- Re: [TLS] TLS Impact on Network Security draft up… Ackermann, Michael
- Re: [TLS] TLS Impact on Network Security draft up… Watson Ladd
- Re: [TLS] TLS Impact on Network Security draft up… Dennis Jackson
- Re: [TLS] TLS Impact on Network Security draft up… Joseph Birr-Pixton
- Re: [TLS] TLS Impact on Network Security draft up… Benjamin Kaduk
- Re: [TLS] TLS Impact on Network Security draft up… Hubert Kario
- Re: [TLS] TLS Impact on Network Security draft up… Salz, Rich
- Re: [TLS] TLS Impact on Network Security draft up… Stephen Farrell
- [TLS] redirecting discussion (was Re: TLS Impact … Sean Turner
- Re: [TLS] TLS Impact on Network Security draft up… N6Ghost